[RH199] ipa-client-install and NTP related issues

Latest response

It seems that the chapter 3 guide related to use of ipa-client-install has some inconsistencies and I am unable to complete it.

After entring the KDC username (admin) it attempts to sync time with KDC server and fails to asking about cheging the UDP 123 port.

The course material has no information about that even if it appears to always happen. I mention that I did use the --no-nto argument as indicated in the solution but the behavior is the same.

Even so the ipa-client-install reports success running in the end with the only error being setting DNS records for SSHDFP.

Still, I was never able to login as the ipauser after that, so somethign is clearly not ok.

Responses

On the client system, does ipa user-find admin show the admin user? I also had to edit /etc/sssd/sssd.conf and add nss to the services line, then restart sssd before I was able to log in as an ipauser. I skipped setting up ntp on the initial ipa-server-install command though.